Health Law Advisor

In this episode of the Diagnosing Health Care Podcast: What trends in state laws and regulations have emerged in the post-public health emergency (PHE) era, and how do these changes impact telehealth stakeholders?

At the federal level, many telehealth-related flexibilities have been extended through December 31, 2024, whereas, at the state level, there are wide variations in approach. Many states have continued to push the boundaries of existing telehealth policies, yet no two states are exactly alike in their approach to defining and regulating telehealth.

On this episode ...

Interest in and acceptance of telehealth services continues to grow. In 2023, a key focus by the states has been addressing questions about how to modify existing regulatory infrastructures sustaining the provision of telehealth services to support the continued use of these services in a post-public health emergency world.

However, modifications to telehealth services also increases the potential for fraudulent behavior and enforcement activity. Providers should continue to monitor developments in federal and state laws, regulations, and policies to capitalize on ...

On October 18, 2023, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”), which is tasked with enforcing the Health Insurance Portability and Accountability Act (“HIPAA”), issued two new guidance documents pertaining to privacy and security risks associated with the use of telehealth services. One guidance document, entitled “Educating Patients about Privacy and Security Risks to Protected Health Information when Using Remote Communication Technologies for Telehealth,” is aimed at health care providers (the ...

On Friday, October 6, 2023, the Drug Enforcement Administration (“DEA”) and Department of Health and Human Services (“HHS”) filed a Second Temporary Extension of the COVID-19 Telemedicine Flexibilities for Prescription of Controlled Medications (“Second Temporary Rule”), extending the full set of telemedicine flexibilities adopted during the COVID-19 public health emergency (“PHE”) through December 31, 2024. The Second Temporary Rule is scheduled for publication in the Federal Register today (October 10, 2023) and scheduled to take effect on November ...

On June 16, 2023, Nevada enacted Senate Bill 370 (“SB 370”), which imposes broad restrictions on the collection, use, and sale of consumer health data. This law is set to go into effect on March 31, 2024.

More than just New Year’s resolutions went into effect when the clock struck midnight on January 1, 2023. The California Privacy Rights Act (“CPRA”) and the Virginia Consumer Data Protection Act (“VCPDA”) are now effective in California and Virginia, respectively. These comprehensive data privacy laws, along with three other state laws going into effect this year, establish new and complex obligations for businesses. If your business has not taken steps to prepare for these privacy laws, it is high time to start that process to avoid violations and enforcement likely to follow later in the year. See below for a timeline of key dates.

Interest in and acceptance of telehealth services continues to grow. Recent events, like the COVID-19 pandemic and the U.S. Supreme Court’s ruling in Dobbs v. Jackson Women's Health Organization, have put more pressure than ever on federal and state legislators to promote access to telehealth services.

However, the greater use of telehealth services also increases the potential for fraudulent behavior and enforcement activity. Providers should continue to monitor developments in federal and state laws, regulations, and policies to capitalize on telehealth opportunities while staying compliant with applicable laws.

Since 2016, Epstein Becker Green has researched, compiled, and analyzed state-specific content relating to the regulatory requirements for professional mental/behavioral health practitioners and stakeholders seeking to provide telehealth-focused services. We are pleased to release our latest compilation of state telehealth laws, regulations, and policies within the mental/behavioral health practice disciplines.

Connecticut becomes the fifth state to pass a comprehensive privacy law. Are you prepared for state privacy law compliance required in 2023?

On Tuesday, August 24, 2021, California Attorney General Rob Bonta issued a guidance bulletin (the “Guidance”) to health care providers reminding them of their compliance obligations under California’s health data privacy laws, and urging providers to take proactive steps to protect against cybersecurity threats. This Guidance comes, in part, as a response to federal regulators sounding the alarm over an uptick in cybercrime against hospitals and other health providers. The Guidance follows an October 2020 Joint Cybersecurity Advisory issued by the Cybersecurity and ...

On October 22, 2019, the Centers for Medicare and Medicaid Services (“CMS”) issued a Request for Information (“RFI”) to obtain input on how CMS can utilize Artificial Intelligence (“AI”) and other new technologies to improve its operations.  CMS’ objectives to leverage AI chiefly include identifying and preventing fraud, waste, and abuse.  The RFI specifically states CMS’ aim “to ensure proper claims payment, reduce provider burden, and overall, conduct program integrity activities in a more efficient manner.”  The RFI follows last month’s White House ...

On July 11, 2019, a Federal judge for the U.S. District Court for Maryland ruled that manufacturers and importers of products such as e-cigarettes and other electronic nicotine delivery systems (“ENDS”) have ten months to submit applications for marketing to the U.S. Food and Drug Administration (“FDA”). The ten-month deadline is applicable to new tobacco products on the market as of the August 8, 2016 deeming rule that extended FDA’s regulatory jurisdiction to include all tobacco products. Accordingly, manufacturers of e-cigarettes now have until May 2020 to submit ...

On February 27, 2019, Tennessee-based holding company Vanguard Healthcare, LLC (“Vanguard”), agreed to pay over $18 million to settle a False Claims Act (“FCA”) action brought by the United States and the state of Tennessee for “grossly substandard nursing home services.” The settlement stems from allegations that five Vanguard-operated facilities failed to do the following: (1) administer medications as prescribed, (2) provide standard infection control resulting in urinary tract and wound infections, (3) attend to the basic nutrition and hygiene ...

On November 26, 2018, the U.S. Food and Drug Administration (“FDA”) announced the process for clearing most medical devices for marketing is being updated to incorporate changes the FDA laid out in an April draft guidance. For over forty years, most medical devices have entered the United States market through the 510(k) clearance process. The 510(k) process offers an expedited approval process available only for products that are substantially equivalent to products already on the market (known as predicate devices). The FDA is considering no longer allowing sponsors to ...